After setting up a generic applid for TPX, if I generate a one-time passticket and try to use it to sign onto TPX, logon is rejected.

NOTE: This isn't about using an application FROM TPX, this is an issue using pass-tickets to get ONTO TPX.

Solution:

TPX normally identifies itself to the security system with the real applid.

The default is the VTAM Primary LU name of TPX. However, if your site cannot use that name to identify TPX, or you are using APPL rules, specify a name in the SMRT Security Parameters Alias field. This will be passed to RACF and SAF instead of the TPX VTAM primary LU name.

For example (using RACF):

We have set up a generic applid TPXG that runs with multiple TPX regions and set up a passticket rule for TPXG. We issued the RDEF PTKTDATA TPXG SSIGNON(KEYMASKED(thegeneratedkey)) etc.